PCM cloud solution provider breached by hackers, customer info stolen

PCM Inc. suffers from a data breach that allowed hackers to get into the company's infrastructure

PCM Inc. receives a data breach that touched its customers' email and file-sharing services

PCM, the biggest cloud solution provider in the US, has recently been interrupted by a data breach which targeted its email and file-sharing services.^[1] Some cybersecurity reports claim that the data exposure first took place in the middle of May, this year. It is known that hackers targeted private administrative information which has been used to take care of accounts by using Office 365 services^[2] created and developed by Microsoft.

Researchers have also discovered that the main intention for cybercriminals to commit such crime was money. This decision was made when the fact that hackers were expecting to use the collected data in gift card scams occurred. These scammers often try to trick people that they can receive gifts and prizes if they pay a certain amount of money first.^[3] Next, they vanish away once the payment is received.

Researchers think that PCM breach might be linked to another data leak which involves Wipro

Researchers from Krebs on Security are concerned that this data breach has some relations to Wipro Ltd. information exposure that happened some time ago, this year as the attackers were involved in gift card scam attempts as well:^[4]

In that respect, the motivations of the attackers seem similar to the goals of intruders who breached Indian IT outsourcing giant Wipro Ltd. earlier this year. In April, KrebsOnSecurity broke the news that the Wipro intruders appeared to be after anything they could quickly turn into cash, and used their access to harvest gift card information from a number of the company’s customers.

However, it is not known if PCM Inc. data breach attack was a continuation of the attempt involving Wipro or if these two incidents are completely different things. Cybercrooks, who took advantage of Wipro services, created a big number of infectious domains so that it would be easier to trick the company's clients into falling for their scams.

Good news: negative effects of the data breach are minimal

Talking about the losses relating to PCM data breach, the company claims that the negative effects are minimal and system operation is under control again. Additionally, not all of the clients have been affected by this incident. The victims are those who were reached by the organization directly and were asked to discuss all concerns about the attack.

Data breaches are happening almost daily. For example, a recent data exposure activity occurred throughout the xSocialMedia services not so long ago and resulted in the breach of approximately 150 000 sensitive records.^[5] The worst part of this story is that people got their medical information leaked during the incident too.

However, this is just one from thousands of data exposures that occurred throughout the past years. Hackers have been targeting worldwide healthcare companies, airplane part companies, cryptocurrency-based organizations, and other different types of corporations some of which experienced small losses and some ended up with worse consequences.